We’re getting hammered by a bot called Bytespider at present, which is coming in from dozens of different AWS IP addresses. I’d like to try and block this user agent in WAF > Tools > User Agent Blocking but I’m not sure of the correct format of the rule. I’ve tried the following:
(http.user_agent contains “Bytespider”)
Bytespider
Mozilla/5.0 (compatible;+Bytespider;[email protected])
But from our IIS logs it seems the traffic is still making it to our server. Are any of the 3 rules shown above configured correctly to block user agent Bytespider?
Thanks
Mark